Skip to main content

28 replies

June 7, 2023

Dear Dave_1P,

I would like to express my gratitude for your prompt reply. I am aware that 1Password utilizes a distinctive 34-character Secret Key to safeguard user accounts. In addition, I have taken the precautionary measure of enabling two-factor authentication (2FA) through the use of a Yubikey.

Nevertheless, my request does not pertain to the introduction of a novel feature. 1Password 7 already possesses this feature that I am referring to. Any many other Apps also do. Therefore, I kindly request that you reinstate this feature in the current version.

Thank you for your attention to this matter. I look forward to your response.

Best regards,
Munoo Chahar.

June 7, 2023

Hi,
I couldn't find this thread earlier, so I initiated a new thread regarding this issue. I have posted a comment there. Now I am posting here as well.

June 7, 2023

https://1password.community/discussion/140626/inclusion-of-pin-code-support-separate-from-device-pin-in-1password-8#latest

June 7, 2023

Dear 1Password team,

I trust this message finds you all in good health.

I would like to formally request the addition of a separate Pin Code feature in 1Password 8, separate from the device PIN Code. This particular functionality was available in 1Password 7.
While it is true that 1Password 8 has introduced Pin code support, it is currently limited to the device's PIN code. In contrast, 1Password 7 allowed users to set a different Pin code for enhanced security purposes.

At present, 1Password 8 offers three locking options:

  1. Master Password: The purpose of a password manager is to relieve the burden of remembering multiple passwords, requiring only the recall of a single master password. My master password is both complex and lengthy, rendering it inconvenient to input each time 1Password is used.

  2. Face ID: In certain situations and specific workplaces, the use of Face ID may be prohibited, necessitating the use of a passcode as an alternative. Personally, I harbor concerns about the security of relying solely on Face ID for 1Password. Notably, many applications, such as Dropbox, provide the capability to set a pin code.

  3. Pin Code: Password managers bear significant importance for numerous individuals as they store valuable account credentials, bank details (including credit/debit card information), and secure notes. To enhance security and foster peace of mind, it is advisable to assign a distinct pin code to each specific application. The probability of someone inadvertently discovering your device's passcode outweighs the likelihood of them gaining access to the app's passcode.

I am aware that 1Password utilizes a distinctive 34-character Secret Key to safeguard user accounts. In addition, I have taken the precautionary measure of enabling two-factor authentication (2FA) through the use of a Yubikey.

Nevertheless, my request does not pertain to the introduction of a novel feature. 1Password 7 already possesses this feature that I am referring to. Any many other Apps also do. Therefore, I kindly request that you reinstate this feature in the current version.

Thank you for your attention to this matter.


Best regards,

Munoo Chahar

June 8, 2023

Hi Dave,

Many people who might see you regularly at work might know your iPhone passcode. Also children know our phone passcode. We don’t want either of these groups knowing how to access 1password.

Recent stories of phone being stolen with known passcodes is an also a major security threat I am concerned about. I'm sure most users and your team here will have heard of the news linked here.
https://appleinsider.com/articles/23/02/24/if-both-your-iphone-and-passcode-get-stolen-youre-in-deep-trouble
https://9to5mac.com/2023/04/19/locked-out-of-apple-accounts/

I am requesting the unique PIN available in 1password 7 be re-instated in 1password 8.

June 8, 2023

Hi @1P_Dave ,
I second with @pete16 . It is the legitimate concern.
Please re-instated pin code.

1P_Dave
1Password Employee
June 8, 2023

@munoo

I've merged the two threads together so that we can keep the conversion in one place. As mentioned in my reply to you yesterday, I've passed your comments along to the team. 🙂

@pete16

Thank you for the feedback. Using the device passcode to unlock 1Password is optional and, if it doesn't fit your personal threat model, then you can unlock 1Password using Face ID / Touch ID or your account password instead. I've shared your request regarding a custom PIN with the team as well.

-Dave

ref: PB-33545334

June 8, 2023

@1P_Dave . Not everyone uses Face ID. Entering a long secure 1password password isn't always ideal. If the concern is users will lock themselves out because they don't understand what is their PIN and what is their actual password. Can we have it so that the full password is required on every 10th login or every 2 weeks like on the Mac version of 1password? Just curious?

Thanks for any help you can offer. You know you make a great product, it's just this backward step in functionality is very disappointing for savvy long term users.

Many thanks. Pete

June 8, 2023

Adding an optional, extra passcode requirement.

Why? Because inputting a long password/passphrase on the iPhone is too hard and using FaceID is too easy.

I've got a nice long password, which, of course, is a pain to enter on my iPhone. I know about using FaceID but feel uncomfortable about the fact that someone in possession of both my phone and me, could unlock 1Password very easily. Of course, using the iPhone's passcode alone is not too secure.

As a suggestion, I'd like it if there was an option to require a numeric passcode (not the iPhone's passcode) after the FaceID was passed, as an additional feature for the insecure, like me.

Thanks.

1P_Dave
1Password Employee
June 9, 2023

@pete16 and @mjudman

Thank you for the feedback. Our Product team recently considered all of the requests and suggestions that we received from folks (here on the forums, over email, and in other places such as user studies) regarding PIN unlock and added device passcode (PIN) unlock as a result of that feedback: Use your device passcode to unlock 1Password for iOS

I'm not personally aware of plans to introduce a custom PIN at this time however I've filed feature requests on behalf of everyone in this thread for future consideration. We appreciate that you took the time to voice why such as a feature would be useful to you.

I've got a nice long password, which, of course, is a pain to enter on my iPhone. I know about using FaceID but feel uncomfortable about the fact that someone in possession of both my phone and me, could unlock 1Password very easily. Of course, using the iPhone's passcode alone is not too secure.

Just in case you didn't see my post above: You can make the iPhone's passcode longer and more secure by using this guide from Apple: Set a passcode on iPhone - Apple Support (CA)

Alternatively, since your 1Password account is protected by both your account password and the 32-character Secret Key, you can change your account password to be easier to type in while still being secure.

I know that these are not the options that you're looking for but I'm mentioning them in case they help. 🙂

-Dave

ref: PB-33571563